From 818e7a8ca24b6a7bdb7ab514c0da6c4b1db827aa Mon Sep 17 00:00:00 2001 From: ja Date: Mon, 18 Oct 2021 13:45:29 +0200 Subject: [PATCH] =?UTF-8?q?=C3=84nderung=20der=20Validation=20methoden?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- login/ChangePW.aspx.vb | 3 +- login/ForgotPW.aspx.vb | 380 ++++++++++++++++++++------------------- login/login_FLEX.aspx | 17 +- login/login_FLEX.aspx.vb | 7 +- 4 files changed, 203 insertions(+), 204 deletions(-) diff --git a/login/ChangePW.aspx.vb b/login/ChangePW.aspx.vb index ed59ad3..1e7a4d7 100644 --- a/login/ChangePW.aspx.vb +++ b/login/ChangePW.aspx.vb @@ -59,7 +59,7 @@ Partial Class login_ChangePW reqPasswtxt.Validate() reqPassw1txt.Validate() reqPassw1txt_M.Enabled = False - reqPasswtxt.Enabled = False + reqPasswtxt.Enabled = True tempstr = txt_Pw.Text ElseIf String.IsNullOrEmpty(txt_Pw.Text) = True AndAlso String.IsNullOrEmpty(txt_Pw_WH.Text) = True AndAlso txt_Pw.Attributes.Item("Placeholder") = Not True AndAlso txt_Pw_WH.Attributes.Item("Placeholder") = "Repeat Password" AndAlso txt_Pw.Attributes.Item("Placeholder") = "Repeat Password" Then @@ -85,6 +85,7 @@ Partial Class login_ChangePW 'Response.Redirect("login_FLEX.aspx") 'End If ElseIf txt_Pw_M.Text = tempstr And txt_Pw_WH_M.Text = tempstr AndAlso txt_Pw.Text = String.Empty And txt_Pw_M.Text = String.Empty Then + Msg = "PW erfolgreich geƤndert!" Style = vbOKOnly + vbInformation + vbDefaultButton1 Title = "Information" diff --git a/login/ForgotPW.aspx.vb b/login/ForgotPW.aspx.vb index 7a4a805..c302453 100644 --- a/login/ForgotPW.aspx.vb +++ b/login/ForgotPW.aspx.vb @@ -14,203 +14,205 @@ Partial Class login_ForgotPW End Sub Protected Sub btn_Send_Click(sender As Object, e As EventArgs) + Try + Dim username As String = String.Empty + Dim password As String = String.Empty + Dim email As String = String.Empty + Dim tokenname As String = String.Empty + If String.IsNullOrEmpty(txtEmail_M.Text) = True And String.IsNullOrEmpty(txt_Username_M.Text) = True And String.IsNullOrEmpty(txtEmail.Text) = False And String.IsNullOrEmpty(txt_Username.Text) = False Then + regexval_2_txt_Email_M.Enabled = False + valreqtxtEmail_M.Enabled = False + valreqtxtusername_M.Enabled = False + valreqtxtusername.Enabled = True + valreqtxtEmail.Enabled = True + regexval_txt_Email_2.Enabled = True + regexval_txt_Email.Enabled = True - Dim username As String = String.Empty - Dim password As String = String.Empty - Dim email As String = String.Empty - Dim tokenname As String = String.Empty - If txtEmail_M.Text = "E-Mail" And txt_Username_M.Text = "Username" And Not txtEmail.Attributes.Item("Placeholer") = "E-Mail" And Not txt_Username.Attributes.Item("Placeholer") = "Username" And String.IsNullOrEmpty(txtEmail.Text) = False And String.IsNullOrEmpty(txt_Username.Text) = False Then - regexval_2_txt_Email_M.Enabled = False - valreqtxtEmail_M.Enabled = False - valreqtxtusername_M.Enabled = False - valreqtxtusername.Enabled = True - valreqtxtEmail.Enabled = True - regexval_txt_Email_2.Enabled = True - regexval_txt_Email.Enabled = True - - valreqtxtEmail.Validate() - If valreqtxtEmail.IsValid = True Then - email = txtEmail.Text - ElseIf valreqtxtEmail.IsValid = False Then - valreqtxtEmail.ErrorMessage = "Annotation: The given Domain is not the company domain." - regexval_txt_Email.Validate() - regexval_txt_Email_2.IsValid = True - End If - - valreqtxtusername.Validate() - If valreqtxtusername.IsValid = True Then - check_UserName_regex.Validate() - If check_UserName_regex.IsValid = False Then - check_UserName_regex.ErrorMessage = "Annotation: The Username does not match the requirements." - Else - If check_UserName_regex.IsValid = True Then - username = txt_Username.Text - End If + valreqtxtEmail.Validate() + If valreqtxtEmail.IsValid = True Then + email = txtEmail.Text + ElseIf valreqtxtEmail.IsValid = False Then + valreqtxtEmail.ErrorMessage = "Annotation: The given Domain is not the company domain." + regexval_txt_Email.Validate() + regexval_txt_Email_2.IsValid = True End If - End If - ' MsgBox("3" + email + " " + username) - 'Mobil - ElseIf txtEmail.Text = "E-Mail" And txt_Username.Attributes.Item("Username") And Not txtEmail_M.Text = "E-Mail" And Not txt_Username_M.Attributes.Item("Placeholder") = "Username" And Not String.IsNullOrEmpty(txt_Username_M.Text) = True And Not String.IsNullOrEmpty(txtEmail_M.Text) = True AndAlso String.IsNullOrEmpty(txt_Username.Text) = True And String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(txtEmail_M.Text) = False And String.IsNullOrEmpty(txt_Username_M.Text) = False Then - valreqtxtEmail_M.Enabled = True - regexval_2_txt_Email_M.Enabled = True - regexval_txt_Email.Enabled = False - regexval_txt_Email_2.Enabled = False - valreqtxtusername.Enabled = False - valreqtxtusername_M.Enabled = True - valreqtxtEmail_M.Validate() - - If valreqtxtEmail_M.IsValid = True Then - email = txtEmail_M.Text - ElseIf valreqtxtEmail_M.IsValid = False Then - valreqtxtEmail_M.ErrorMessage = "Annotation: The given Domain is not the company domain." - regexval_txt_Email_M.Validate() - regexval_txt_Email_2.IsValid = True - End If - - valreqtxtusername_M.Validate() - If valreqtxtusername_M.IsValid = True Then - check_UserName_regex_M.Validate() - If check_UserName_regex_M.IsValid = False Then - check_UserName_regex_M.ErrorMessage = "Annotation: The Username does not match the requirements." - Else - check_UserName_regex_M.IsValid = True - End If - If check_UserName_regex_M.IsValid = True Then - username = txt_Username_M.Text - End If - End If - - End If - - 'Erweiterte Degub Msg-Box - 'MsgBox("Userdaten in App" + Environment.NewLine + email + Environment.NewLine + username + Environment.NewLine + "Userdaten desktop" + txt_Username.Text + Environment.NewLine + txtEmail.Text + Environment.NewLine + "Userdaten Mobil:" + Environment.NewLine + txtEmail_M.Text + Environment.NewLine + txt_Username_M.Text) - If String.IsNullOrEmpty(email) = False And String.IsNullOrEmpty(tokenname) = True And String.IsNullOrEmpty(password) = True And String.IsNullOrEmpty(username) = False Then - If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then - VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True - 'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956" - ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;" - Else - VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = False - ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;" - 'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;" - End If - - Using con As New SqlConnection(ConnectionString) - ' Using cmd As New SqlCommand("Validate_User") - Using cmd As New SqlCommand("SELECT Username,Password,Email FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username") - ' cmd.CommandType = CommandType.StoredProcedure - cmd.Parameters.AddWithValue("@Username", username) - cmd.Connection = con - con.Open() - 'userId = Convert.ToInt32(cmd.ExecuteScalar()) - Dim dr As SqlDataReader = cmd.ExecuteReader() - If dr.Read() Then - username = dr("Username").ToString() - password = dr("Password").ToString() - email = dr("Email").ToString() - Try - If txt_Username.Text = dr("Username").ToString() AndAlso txt_Username_M.Attributes.Item("Placeholder") = "Username" Then - check_UserName_regex_M.Enabled = False - check_UserName_regex.Enabled = True - check_UserName_regex.IsValid = True - username = txt_Username.Text - ElseIf txt_Username_M.Text = dr("Username").ToString() AndAlso txt_Username.Attributes.Item("Placeholder") = "Username" Then - check_UserName_regex.Enabled = False - check_UserName_regex_M.Enabled = True - check_UserName_regex_M.IsValid = True - username = txt_Username_M.Text - ElseIf String.IsNullOrEmpty(txt_Username_M.Text) = True AndAlso String.IsNullOrEmpty(txtEmail_M.Text) = True Then - check_UserName_regex_M.MatchTimeout = 3000 - check_UserName_regex_M.ErrorMessage = "No valid Username found in out database!" - check_UserName_regex_M.IsValid = False - ElseIf String.IsNullOrEmpty(txt_Username.Text) = False Then - check_UserName_regex.MatchTimeout = 3000 - check_UserName_regex.ErrorMessage = "No valid Username found in out database!" - check_UserName_regex.IsValid = False - End If - If (txtEmail.Text = dr("Email").ToString() AndAlso txtEmail_M.Attributes.Item("Placeholder") = "E-mail") Then - regexval_txt_Email_M.Enabled = False - regexval_txt_Email.Enabled = True - regexval_txt_Email.Validate() - email = txtEmail.Text - lblMessage.ForeColor = Color.Green - lblMessage.Text = "The given e-mail exists in our database." - ElseIf (txtEmail_M.Text = dr("Email").ToString() And txtEmail.Attributes.Item("Placeholder") = "E-mail") Then - regexval_txt_Email_M.Validate() - email = txtEmail_M.Text - lblMessage_M.ForeColor = Color.Green - lblMessage_M.Text = "The given e-mail exists in our database." - Else - lblMessage_M.ForeColor = Color.Red - lblMessage_M.Text = "The given e-mail does not exist in our database." - End If - - Catch ex As Exception - Dim Msg, Style, Title As String - Msg = "E-Mail validation failed!" & vbCrLf + "Please try again!" - Style = vbRetry + vbExclamation + vbDefaultButton1 - Title = "Authentication error!" - 'MsgBox(Msg, Style, Title) - 'If MsgBox(Msg, Style, Title).Yes Then - 'txtEmail.Text = String.Empty - 'txtEmail.Focus() - 'ElseIf MsgBox(Msg, Style, Title).No Then - 'End If - End Try - End If - End Using - con.Close() - End Using - If Session.Item("TokenforEmail") = Nothing Then - tokenname = genToken(username, password, email) - Session.Add("TokenforEmail", tokenname) - Session.Add("SessID", VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Session.SessionID)) - Else - tokenname = Session.Item("TokenforEmail") - End If - - If SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname)) = True Then - 'password = RandomString(New Random, 10) - If (getDateoftoken(tokenname) = True) Then - 'Dim msgboxstyle = vbDefaultButton1 + vbOK - 'MsgBox(tokenname, msgboxstyle) - lblMessage.ForeColor = Color.Green - lblMessage.Text = "Token generated successfully." - 'MsgBox("Token generated successfully.") - Else - lblMessage.ForeColor = Color.Red - lblMessage.Text = "Token is not valid anymore. Please generate a new one by sending a new e-mail!" - 'MsgBox("Token is not valid anymore. Please generate a new one by sending a new e-mail!") - - If Session.Item("TokenforEmail") = Nothing Then - tokenname = genToken(username, password, email) - Session.Add("TokenforEmail", tokenname) + valreqtxtusername.Validate() + If valreqtxtusername.IsValid = True Then + check_UserName_regex.Validate() + If check_UserName_regex.IsValid = False Then + check_UserName_regex.ErrorMessage = "Annotation: The Username does not match the requirements." Else - tokenname = Session.Item("TokenforEmail") + If check_UserName_regex.IsValid = True Then + username = txt_Username.Text + End If End If End If - 'SendEmail(username, password, email) - 'MsgBox("Mail would be sent successfully!") - lblMessage.ForeColor = Color.Green - lblMessage.Text = "The password has been sent sucessfully on the given valid e-mail address." - ElseIf SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname)) = False Then - 'MsgBox("Mail would not be sent successfully!") - lblMessage.ForeColor = Color.Red - If String.IsNullOrWhiteSpace(username) = True Then - lblMessage.Text = "Error10: Username not recognized Error!" - ElseIf String.IsNullOrWhiteSpace(email) = True Then - lblMessage.Text = "Error11: Email not recognized Error!" - ElseIf String.IsNullOrWhiteSpace(password) = True Then - lblMessage.Text = "An internal password searching error occured in our systems ." - End If + ' MsgBox("3" + email + " " + username) End If - Else - 'MsgBox("The form has not been filled completeley.", MsgBoxStyle.Critical, "Error08") - lblMessage.ForeColor = Color.Red - lblMessage.Text = "The form has not been filled completeley." - End If + 'Mobil + If String.IsNullOrEmpty(txtEmail_M.Text) = False And String.IsNullOrEmpty(txt_Username_M.Text) = False And String.IsNullOrEmpty(txtEmail.Text) = True And String.IsNullOrEmpty(txt_Username.Text) = True Then + valreqtxtEmail_M.Enabled = True + regexval_2_txt_Email_M.Enabled = True + regexval_txt_Email.Enabled = False + regexval_txt_Email_2.Enabled = False + valreqtxtusername.Enabled = False + valreqtxtusername_M.Enabled = True + valreqtxtEmail_M.Validate() + If valreqtxtEmail_M.IsValid = True Then + email = txtEmail_M.Text + ElseIf valreqtxtEmail_M.IsValid = False Then + valreqtxtEmail_M.ErrorMessage = "Annotation: The given Domain is not the company domain." + regexval_txt_Email_M.Validate() + regexval_txt_Email_2.IsValid = True + End If + + valreqtxtusername_M.Validate() + If valreqtxtusername_M.IsValid = True Then + check_UserName_regex_M.Validate() + If check_UserName_regex_M.IsValid = False Then + check_UserName_regex_M.ErrorMessage = "Annotation: The Username does not match the requirements." + Else + check_UserName_regex_M.IsValid = True + End If + If check_UserName_regex_M.IsValid = True Then + username = txt_Username_M.Text + End If + End If + + End If + + 'Erweiterte Degub Msg-Box + 'MsgBox("Userdaten in App" + Environment.NewLine + email + Environment.NewLine + username + Environment.NewLine + "Userdaten desktop" + txt_Username.Text + Environment.NewLine + txtEmail.Text + Environment.NewLine + "Userdaten Mobil:" + Environment.NewLine + txtEmail_M.Text + Environment.NewLine + txt_Username_M.Text) + If String.IsNullOrEmpty(email) = False And String.IsNullOrEmpty(tokenname) = True And String.IsNullOrEmpty(password) = True And String.IsNullOrEmpty(username) = False Then + If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then + VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = True + 'ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=sa;Pwd=BmWr501956" + ConnectionString = "Server=DEVELOPER\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;" + Else + VERAG_PROG_ALLGEMEIN.cAllgemein.TESTSYSTEM = False + ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;" + 'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;" + End If + + Using con As New SqlConnection(ConnectionString) + ' Using cmd As New SqlCommand("Validate_User") + Using cmd As New SqlCommand("SELECT Username,Password,Email FROM [VERAG_HOMEPAGE].[dbo].[Users] WHERE Username=@Username") + ' cmd.CommandType = CommandType.StoredProcedure + cmd.Parameters.AddWithValue("@Username", username) + cmd.Connection = con + con.Open() + 'userId = Convert.ToInt32(cmd.ExecuteScalar()) + Dim dr As SqlDataReader = cmd.ExecuteReader() + If dr.Read() Then + username = dr("Username").ToString() + password = dr("Password").ToString() + email = dr("Email").ToString() + Try + If txt_Username.Text = dr("Username").ToString() AndAlso String.IsNullOrEmpty(txt_Username_M.Text) = True Then + check_UserName_regex_M.Enabled = False + check_UserName_regex.Enabled = True + check_UserName_regex.IsValid = True + username = txt_Username.Text + ElseIf txt_Username_M.Text = dr("Username").ToString() AndAlso txt_Username.Text = String.Empty Then + check_UserName_regex.Enabled = False + check_UserName_regex_M.Enabled = True + check_UserName_regex_M.IsValid = True + username = txt_Username_M.Text + ElseIf String.IsNullOrEmpty(txt_Username_M.Text) = True AndAlso String.IsNullOrEmpty(txtEmail.Text) = True Then + check_UserName_regex_M.MatchTimeout = 3000 + check_UserName_regex_M.ErrorMessage = "No valid Username found in out database!" + check_UserName_regex_M.IsValid = False + ElseIf String.IsNullOrEmpty(txt_Username.Text) = False Then + check_UserName_regex.MatchTimeout = 3000 + check_UserName_regex.ErrorMessage = "No valid Username found in out database!" + check_UserName_regex.IsValid = False + End If + If (txtEmail.Text = dr("Email").ToString() AndAlso String.IsNullOrEmpty(txtEmail_M.Text) = True) Then + regexval_txt_Email_M.Enabled = False + regexval_txt_Email.Enabled = True + regexval_txt_Email.Validate() + email = txtEmail.Text + lblMessage.ForeColor = Color.Green + lblMessage.Text = "The given e-mail exists in our database." + ElseIf (txtEmail_M.Text = dr("Email").ToString() And txtEmail.Attributes.Item("Placeholder") = "E-mail") Then + regexval_txt_Email_M.Validate() + email = txtEmail_M.Text + lblMessage_M.ForeColor = Color.Green + lblMessage_M.Text = "The given e-mail exists in our database." + Else + lblMessage_M.ForeColor = Color.Red + lblMessage_M.Text = "The given e-mail does not exist in our database." + End If + + Catch ex As Exception + Dim Msg, Style, Title As String + Msg = "E-Mail validation failed!" & vbCrLf + "Please try again!" + Style = vbRetry + vbExclamation + vbDefaultButton1 + Title = "Authentication error!" + 'MsgBox(Msg, Style, Title) + 'If MsgBox(Msg, Style, Title).Yes Then + 'txtEmail.Text = String.Empty + 'txtEmail.Focus() + 'ElseIf MsgBox(Msg, Style, Title).No Then + 'End If + End Try + End If + End Using + con.Close() + End Using + If Session.Item("TokenforEmail") = Nothing Then + tokenname = genToken(username, password, email) + Session.Add("TokenforEmail", tokenname) + Session.Add("SessID", VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Session.SessionID)) + Else + tokenname = Session.Item("TokenforEmail") + End If + + If SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname)) = True Then + 'password = RandomString(New Random, 10) + If (getDateoftoken(tokenname) = True) Then + 'Dim msgboxstyle = vbDefaultButton1 + vbOK + 'MsgBox(tokenname, msgboxstyle) + lblMessage.ForeColor = Color.Green + lblMessage.Text = "Token generated successfully." + 'MsgBox("Token generated successfully.") + Else + lblMessage.ForeColor = Color.Red + lblMessage.Text = "Token is not valid anymore. Please generate a new one by sending a new e-mail!" + 'MsgBox("Token is not valid anymore. Please generate a new one by sending a new e-mail!") + + If Session.Item("TokenforEmail") = Nothing Then + tokenname = genToken(username, password, email) + Session.Add("TokenforEmail", tokenname) + Else + tokenname = Session.Item("TokenforEmail") + End If + End If + 'SendEmail(username, password, email) + 'MsgBox("Mail would be sent successfully!") + lblMessage.ForeColor = Color.Green + lblMessage.Text = "The password has been sent sucessfully on the given valid e-mail address." + ElseIf SendEmail(username, password, email, VERAG_PROG_ALLGEMEIN.cCryptography.Decrypt(tokenname)) = False Then + 'MsgBox("Mail would not be sent successfully!") + lblMessage.ForeColor = Color.Red + If String.IsNullOrWhiteSpace(username) = True Then + lblMessage.Text = "Error10: Username not recognized Error!" + ElseIf String.IsNullOrWhiteSpace(email) = True Then + lblMessage.Text = "Error11: Email not recognized Error!" + ElseIf String.IsNullOrWhiteSpace(password) = True Then + lblMessage.Text = "An internal password searching error occured in our systems ." + End If + End If + Else + 'MsgBox("The form has not been filled completeley.", MsgBoxStyle.Critical, "Error08") + lblMessage.ForeColor = Color.Red + lblMessage.Text = "The form has not been filled completeley." + End If + Catch Exc As Exception + lblMessage.Text = "Error08: No iput found." + End Try End Sub 'Function RandomString(r As Random, max As Integer) As String diff --git a/login/login_FLEX.aspx b/login/login_FLEX.aspx index 1e8437f..513b851 100644 --- a/login/login_FLEX.aspx +++ b/login/login_FLEX.aspx @@ -304,7 +304,7 @@ - + @@ -340,11 +340,9 @@ - - - - - + + + @@ -357,7 +355,7 @@ - + @@ -372,10 +370,9 @@ - - + - + diff --git a/login/login_FLEX.aspx.vb b/login/login_FLEX.aspx.vb index 4d6b145..761bcf6 100644 --- a/login/login_FLEX.aspx.vb +++ b/login/login_FLEX.aspx.vb @@ -5,9 +5,7 @@ Partial Class login_FLEX Inherits System.Web.UI.Page Protected Sub Page_Load(sender As Object, e As EventArgs) - If Not Page.IsPostBack Then - Page.Validate() - End If + End Sub Protected Sub ValidateUser(sender As Object, e As EventArgs) Dim userId As Integer = 0 @@ -62,6 +60,7 @@ Partial Class login_FLEX End Sub Protected Sub LoginButton_Click(sender As Object, e As EventArgs) - + End Sub + Protected Sub LoginButton_M_Click(sender As Object, e As EventArgs) End Sub End Class